Over the air communication authentication using a service token

US 8,296,835 B2
Filed: 05/11/2007
Issued: 10/23/2012
Est. Priority Date: 05/11/2007
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

at least a memory and a processor to implement a service configured to;

combine at least one property of an image to be sent to a communication device with at least one device capability to create a service token, the at least one device capability known by at least one of the device or the service;

store information about the service token and additional information about the communication device as entries in a database of the service, the entries in the database indexed by a device identifier of the communication device;

store an identifier of a communication session through which the service token will be sent to the communication device as an entry in the database of the service;

send the service token to the communication device;

receive an additional service token and a device token from the communication device;

determine if the received additional service token is the same as the sent service token;

determine if the sent service token and the received additional service token were sent and received in a same communication session by comparing the stored identifier of the communication session with an additional identifier of the communication session received with the received additional service token;

determine if the device token is valid; and

authenticate communication between the service and the communication device when the received additional service token is the same as the sent service token, when the sent service token and the received additional service token were sent and received in the same communication session, and when the device token is valid.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are described for securing over the air communications between a service and a communication device. For example, one embodiment of a method for creating a security token on a communication device for communication between the communication device and a service includes combining a device identification of the communication device with a device capability to create a device information, the device capability known by the service. The method further includes encrypting the device information.

Citations

24 Claims

1. A system comprising:
- at least a memory and a processor to implement a service configured to;
  
  combine at least one property of an image to be sent to a communication device with at least one device capability to create a service token, the at least one device capability known by at least one of the device or the service;
  
  store information about the service token and additional information about the communication device as entries in a database of the service, the entries in the database indexed by a device identifier of the communication device;
  
  store an identifier of a communication session through which the service token will be sent to the communication device as an entry in the database of the service;
  
  send the service token to the communication device;
  
  receive an additional service token and a device token from the communication device;
  
  determine if the received additional service token is the same as the sent service token;
  
  determine if the sent service token and the received additional service token were sent and received in a same communication session by comparing the stored identifier of the communication session with an additional identifier of the communication session received with the received additional service token;
  
  determine if the device token is valid; and
  
  authenticate communication between the service and the communication device when the received additional service token is the same as the sent service token, when the sent service token and the received additional service token were sent and received in the same communication session, and when the device token is valid.
- View Dependent Claims (2, 3, 18, 19, 20, 21, 22)
- - 2. The system of claim 1, wherein the information about the service token includes when the service token was created.
  - 3. The system of claim 1, wherein the service is further configured to encrypt the service token.
  - 18. The system of claim 1, wherein determining if the device token is valid includes extracting a unique device identifier from the device token.
  - 19. The system of claim 18, wherein the unique device identifier is an International Mobile Equipment Identity (IMEI).
  - 20. The system of claim 19, wherein determining if the device token is valid further includes performing a Luhn Check on the IMEI.
  - 21. The system of claim 19, wherein determining if the device token is valid further includes determining if the IMEI is within a range of IMEI'"'"'s for a valid carrier.
  - 22. The system of claim 1, wherein determining if the device token is valid includes:
    - extracting a device characteristic of the communication device from the device token; and
      
      determining if the device characteristic is valid.

4. A method comprising:
- creating a service token on a service, the service token including at least one device capability of a communication device;
  
  storing information about the service token and additional information about the communication device as entries in a database of the service, the entries in the database indexed by a device identifier of the communication device;
  
  storing an identifier of a communication session through which the service token will be sent to the communication device as an entry in the database of the service;
  
  sending the service token to the communication device;
  
  receiving an additional service token and a device token from the communication device;
  
  determining if the received additional service token is the same as the sent service token;
  
  determining if the sent service token and the received additional service token were sent and received in a same communication session by comparing the stored identifier of the communication session with an additional identifier of the communication session received with the received additional service token;
  
  determining if the device token is valid; and
  
  authenticating communication between the service and the communication device if the received additional service token is the same as the sent service token, if the sent service token and the received additional service token were sent and received in the same communication session, and if the device token is valid.
- View Dependent Claims (5, 6, 7, 8, 9, 23, 24)
- - 5. The method of claim 4, wherein determining if the device token is valid includes extracting a unique device identifier from the device token.
  - 6. The method of claim 5, wherein the unique device identifier is an International Mobile Equipment Identity (IMEI).
  - 7. The method of claim 6, wherein determining if the device token is valid further includes performing a Luhn Check on the IMEI.
  - 8. The method of claim 6, wherein determining if the device token is valid further includes determining if the IMEI is within a range of IMEI'"'"'s for a valid carrier.
  - 9. The method of claim 4, wherein determining if the device token is valid includes:
    - extracting a device characteristic of the communication device from the device token; and
      
      determining if the device characteristic is valid.
  - 23. The method of claim 4, wherein the information about the service token includes when the service token was created.
  - 24. The method of claim 4, further comprising encrypting the service token.

10. A system comprising:
- at least a memory and a processor to implement a service configured to;
  
  create a service token that will be sent to a communication device;
  
  store information about the service token and additional information about the communication device as entries in a database of the service, the entries in the database indexed by a device identifier of the communication device;
  
  store an identifier of a communication session through which the service token will be sent to the communication device;
  
  send the service token to the communication device;
  
  receive an additional service token and a device token from the communication device;
  
  determine if the received additional service token is the same as the sent service token;
  
  determine if the sent service token and the received additional service token were sent and received in a same communication session by comparing the stored identifier of the communication session with an additional identifier of the communication session received with the received additional service token;
  
  determine if the device token is valid; and
  
  authenticate communication between the service and the communication device if the received additional service token is the same as the sent service token, if the sent service token and the received additional service token were sent and received in the same communication session, and if the device token is valid.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The system of claim 10, wherein determining if the device token is valid includes extracting a unique device identifier from the device token.
  - 12. The system of claim 11, wherein the unique device identifier is an International Mobile Equipment Identity (IMEI).
  - 13. The system of claim 12, wherein determining if the device token is valid further includes performing a Luhn Check on the IMEI.
  - 14. The system of claim 12, wherein determining if the device token is valid further includes determining if the IMEI is within a range of IMEI'"'"'s for a valid carrier.
  - 15. The system of claim 10, wherein determining if the device token is valid includes:
    - extracting a device characteristic of the communication device from the device token; and
      
      determining if the device characteristic is valid.
  - 16. The system of claim 10, wherein the information about the service token includes when the service token was created.
  - 17. The system of claim 10, wherein the service is further configured to encrypt the service token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Calamera, Pablo, Montemayor, Oscar A., Gebhardt, Henry W. III, Khadilkar, Mandar, Britt, Joe Freeman Jr.
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
Okeke, Izunna

Application Number

US11/801,982
Publication Number

US 20090138717A1
Time in Patent Office

1,992 Days
Field of Search

713/168, 713/169, 713/170, 713/172, 713/185, 726/5, 726/7, 726/9, 726/10, 726/18, 726/19, 726/20, 726/30
US Class Current

726/9
CPC Class Codes

H04L 2209/80 Wireless network architectu...

H04L 9/3234 involving additional secure...

Over the air communication authentication using a service token

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Over the air communication authentication using a service token

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links